Hello!
Our SSL certificate has expired but traefik does not recognise the new one.
[entryPoints.https.tls]
[[entryPoints.https.tls.certificates]]
certFile = "/cert/STAR_homecareheroes_com_au.cer"
keyFile = "/cert/STAR_homecareheroes_com_au.key"
Is there a way to force traefik to load the new one?
I've touched the toml file to no avail.
Thanks for any help.
ldez
February 29, 2020, 2:36pm
2
Hello,
the entrypoints are in the static configuration so you have to restart Traefik.
https://docs.traefik.io/v1.7/basics/#configuration
But you can use the "dynamic certificates":
remove the section tls.certificates
from the entryPoints definition.
restart Traefik
add the following tls
element (dynamic configuration)
after that you will no longer need to restart to update your certificates.
https://docs.traefik.io/v1.7/configuration/backends/file/
[[tls]]
entryPoints = ["https"]
[tls.certificate]
certFile = "/cert/STAR_homecareheroes_com_au.cer"
keyFile = "/cert/STAR_homecareheroes_com_au.key"
ramil
January 13, 2021, 9:16pm
3
Hi Idez,
Thanks for your explanation.
I have similar behaviour in my environment where it toggles between the new certificate and the expired one whenever you refresh the endpoint.
May I know how to tell if it's on Static Configuration? Here's is the snippet of my toml file:
traefik.toml: |
defaultEntryPoints = ["http","https"]
debug = false
logLevel = "INFO"
#Config to redirect http to https
[entryPoints]
[entryPoints.http]
address = ":80"
compress = true
[entryPoints.http.redirect]
entryPoint = "https"
[entryPoints.https]
address = ":443"
compress = true
[entryPoints.https.tls]
What to change so I don't need to restart my traefik pods? May I know why it has to be reloaded just to apply the new cert? Lastly, where to find the location of the certs as I didn't define any path.